Manikumar created KAFKA-15502:
---------------------------------
Summary: Handle large keystores in SslEngineValidator
Key: KAFKA-15502
URL: https://issues.apache.org/jira/browse/KAFKA-15502
Project: Kafka
Issue Type: Bug
Affects Versions: 3.6.0
Reporter: Manikumar
Assignee: Manikumar
We have observed an issue where inter broker SSL listener is not coming up for
large keystores (size >16K)
1. Currently validator code doesn't work well with large stores. Right now,
WRAP returns if there is already data in the buffer. But if we need more data
to be wrapped for UNWRAP to succeed, we end up looping forever.
2. Observed large TLSv3 post handshake messages are not getting read and
causing UNWRAP loop forever. This is observed with JDK17+
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
